
Security Think Tank: Malware is sneaky

What strategies should organisations follow to block malware attachments, which continue to account for two-thirds of malware infections that result in data breaches?

Malware can inveigle its way into organisations using a wide range of techniques. Social engineering, email and instant message attachments, website code and mobile devices are just a few examples of how adversarial threats might take advantage of inadequate security controls to introduce malware.

Overall, organisations should go for a two-pronged approach to blocking malware.

The first is to deal with the technology side. Technical security management practices include maintaining up-to-date malware protection software wherever the organisation has decided it might be susceptible. Examples might include key servers, mobile devices, network access systems and collaboration platforms, among others.

Malware protection software should be distributed automatically and within defined timescales to reduce the likelihood of systems being exposed to the most recent malware. Also, perform regular vulnerability assessments and keep up to date with patches.

This is unlikely to prevent all malware from getting into your organisation, particularly for zero-day exploits, but it will cover most bases.

The second approach is to support people. Adversarial threats often use unsuspecting individuals as malware “mules”. Those individuals with access to the information and systems of an organisation should have tailored and appropriate security messages communicated to them on a regular basis.

They should be made aware of the types of threat the organisation faces and the methods used, including malware. Be careful not to put this into “techy speak” as people will switch off; instead, provide real examples of how malware might enter the organisation through an individual’s everyday actions.

This is designed to ensure individuals remain aware of the importance and need for information security on an ongoing basis, and maintain a security-positive culture throughout the organisation.

Recognising that both the technological and people approaches might still result in malware getting through, an organisation should have procedures for managing malware-related incidents. Be prepared.
